Cristi

Wordfence

This is a post with main information and instructions about Wordfence, its features and installation instructions. It is used mainly for own use – is not an own article but is info taken from different websites around the web information about this WordPress plugin

Web Application Firewall identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.

Protects your site at the endpoint, enabling deep integration with WordPress. Unlike cloud alternatives does not break encryption, cannot be bypassed and cannot leak data.

Setting Wordfence options

Once you’ve installed and activated Wordfence, head on over to the Options page by choosing Wordfence > All Options from the left-hand menu in the WordPress admin. Most of the options are set to pretty good defaults, so you don’t need to touch them. However, there are a few options in this page that you’ll definitely want to make sure you’ve set:

Scan Options > Scan Scheduling > Schedule Wordfence Scans: This should be set by default (with the ENABLED button highlighted). It makes Wordfence scan your site for hacks and malware once per day

Wordfence Global Options > General Wordfence Options > Update Wordfence automatically when a new version is released?: This setting automatically updates the Wordfence plugin every time a new version becomes available. It’s a good idea to check this checkbox to keep your site as secure as possible. If it causes any problems, uncheck it again and remember to update your Wordfence regularly!

Wordfence Global Options > General Wordfence Options > Where to email alerts: Make sure you enter your email address here, so that Wordfence can email you if it finds that your site’s been hacked.

Once you’ve checked through these options, click the SAVE CHANGES button at the top of the page to save your settings:

Running your first scan

The next thing you’ll want to do is run a Wordfence scan to check if your site’s been hacked. To do this:

Choose Wordfence > Scan from the left-hand menu in the WordPress admin

Click the START NEW SCAN button on the left side of the page

Depending on the size of your site, the scan takes anywhere from a few seconds to several minutes to complete. While it’s scanning, you’ll see a progress bar appear, along with a status message showing you what Wordfence is currently scanning. Eventually, you’ll see the text Scan Complete appear in the status line. Now scroll down the page until you see the Results Found tab.

Wordfence firewall

Choose Wordfence > Firewall from the left-hand menu in the WordPress admin.

Click the MANAGE FIREWALL button near the top of the page

On the Firewall Options page that appears, click the OPTIMIZE THE WORDFENCE FIREWALL button

An “Optimize Wordfence Firewall” popup appears. There’s a lot of techie text here, but don’t worry about it unless you have more than one WordPress running on your site, or you know your server configuration is different to the one shown. Just click the DOWNLOAD.HTACCESS button — this downloads a backup file containing your current .htaccess server configuration file, in case anything goes wrong when Wordfence changes it. Then click the CONTINUE button to optimize the firewall.